Extreme Networks ExtremeWare Command Especificaciones Pagina 113
- Pagina / 254
- Tabla de contenidos
- SOLUCIÓN DE PROBLEMAS
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
ExtremeWare XOS 10.1 Concepts Guide 113
9 Security
This chapter describes the following topics:
• Security Overview on page 113
• Network Access Security on page 113
— IP Access Lists (ACLs) on page 113
• Switch Protection on page 119
— Policies on page 120
• Management Access Security on page 128
— Authenticating Users Using RADIUS or TACACS+ on page 129
Security Overview
Extreme Networks products incorporate a number of features designed to enhance the security of your
network. No one feature can insure security, but by using a number of features in concert, you can
substantially improve the security of your network. The features described in this chapter are part of an
overall approach to network security
Network Access Security
Network access security features control devices accessing your network. In this category are the
following features:
• IP Access Lists (ACLs)
IP Access Lists (ACLs)
IP access lists consist of IP access rules and are used to perform packet filtering and forwarding
decisions on incoming traffic. Each packet arriving on an ingress port is compared to the access list
applied to that port and is either permitted or denied. Permitted and denied (dropped) packets can also
be counted. Using access lists has no impact on switch performance.
- ExtremeWare XOS Concepts 1
- Chapter 3 Managing the Switch 4
- Chapter 9 Security 7
- Chapter 12 IP Unicast Routing 8
- Part 3 Appendixes 10
- Index of Commands 11
- Contents 12
- Introduction 13
- Conventions 14
- Related Publications 14
- Using ExtremeWare XOS 15
- 1 ExtremeWare XOS Overview 17
- Quality of Service 18
- Unicast Routing 18
- IP Multicast Routing 18
- Load Sharing 18
- ExtremeWare XOS Overview 20
- 2 Accessing the Switch 21
- Syntax Helper 22
- Command Shortcuts 22
- Line-Editing Keys 24
- Command History 25
- Common Commands 25
- is +/- minutes 26
- Configuring Management Access 27
- Default Accounts 28
- Creating a Management Account 29
- Checking Basic Connectivity 30
- Traceroute 31
- Accessing the Switch 32
- 3 Managing the Switch 33
- Understanding the XOS Shell 34
- Using the Console Interface 34
- Using Telnet 35
- Using a BOOTP or DHCP Server 36
- Managing the Switch 38
- Using SNMP 39
- Accessing Switch Agents 40
- Supported MIBs 40
- Displaying SNMP Settings 40
- SNMPv3 Overview 41
- Message Processing 42
- SNMPv3 Security 42
- Users, Groups, and Security 43
- MIB Access Control 44
- Notification 45
- Target Addresses 46
- Target Parameters 46
- Filter Profiles and Filters 46
- Notification Tags 47
- Authenticating Users 48
- Configuring and Using SNTP 49
- SNTP Example 52
- Configuring Ports on a Switch 54
- Jumbo Frames 56
- Load Sharing on the Switch 58
- Switch Port-Mirroring 59
- Extreme Discovery Protocol 60
- 5 Virtual LANs (VLANs) 61
- Types of VLANs 62
- System 1 63
- System 2 63
- Tagged VLANs 64
- Uses of Tagged VLANs 65
- Assigning a VLAN Tag 65
- Marketing 66
- Protocol-Based VLANs 67
- Predefined Protocol Filters 68
- Defining Protocol Filters 68
- Deleting a Protocol Filter 69
- VLAN Names 70
- VLAN Configuration Examples 71
- Displaying VLAN Settings 72
- VLAN Tunneling (VMANs) 73
- Virtual LANs (VLANs) 74
- 6 Forwarding Database (FDB) 75
- FDB Entry Types 76
- FDB Configuration Examples 77
- MAC-Based Security 78
- Displaying FDB Entries 78
- Forwarding Database (FDB) 80
- 7 Quality of Service (QoS) 81
- Applications and Types of QoS 82
- Video Applications 83
- Web Browsing Applications 83
- File Server Applications 83
- Configuring QoS 84
- QoS Profiles 84
- Traffic Groupings 85
- Configuring 802.1p Priority 86
- Configuring DiffServ 87
- Quality of Service (QoS) 88
- Physical Groupings 89
- QoS Monitor 90
- Status Monitoring 91
- Slot Diagnostics 91
- Port Statistics 93
- Port Errors 93
- Port Monitoring Display Keys 94
- System Temperature 95
- System Health Checking 96
- System Redundancy 96
- Electing the Node 97
- Configuring Node Parameters 98
- Configuring the Node State 98
- Relinquishing Primary Status 98
- Synchronizing the Backup 99
- Viewing Checkpoint Statistics 99
- Viewing Node Statistics 100
- Target Configuration 101
- Severity 102
- Components and Conditions 103
- Matching Expressions 106
- Matching Parameters 107
- Formatting Event Messages 108
- Displaying Events Logs 109
- Uploading Events Logs 109
- Displaying Debug Information 111
- 9 Security 113
- Creating IP Access Lists 114
- ACL File Syntax 114
- IP Access Lists (ACLs) 115
- Security 116
- Example ACL Rule Entries 117
- Switch Protection 119
- Policies 120
- Creating Policies 120
- Policy File Syntax 120
- Autonomous System Expressions 122
- Policy Examples 124
- ExtremeWare Route Map: 126
- Management Access Security 128
- Enabling and Disabling RADIUS 129
- Configuring RADIUS Accounting 130
- Configuring RADIUS 130
- RADIUS RFC 2138 Attributes 130
- Configuring TACACS+ 131
- Using Switching and Routing 133
- Protocols 133
- Spanning Tree Protocol (STP) 135
- STP Terms 136
- Spanning Tree Domains 137
- STPD Modes 138
- Encapsulation Modes 139
- STP States 140
- Binding Ports 140
- Automatically Binding Ports 141
- STP Configurations 142
- Sales, Personnel, Marketing 143
- Sales & Engineering 144
- Multiple STPDs on a Port 145
- VLAN Spanning Multiple STPDs 145
- EMISTP Deployment Constraints 146
- Per-VLAN Spanning Tree 148
- Rapid Spanning Tree Protocol 148
- RSTP Terms 149
- RSTP Concepts 149
- Link Types 150
- RSTP Timers 151
- RSTP Operation 152
- Root Port Rapid Behavior 153
- Receiving Bridge Behavior 154
- Rapid Reconvergence 154
- STP Rules and Restrictions 159
- Configuring STP on the Switch 159
- STP Configuration Examples 160
- EMISTP Configuration Example 161
- Displaying STP Settings 163
- Overview 165
- Determining the VRRP Master 166
- VRRP Tracking Example 167
- Additional VRRP Highlights 168
- VRRP Operation 169
- Fully-Redundant VRRP Network 170
- VRRP Configuration Parameters 171
- VRRP Examples 172
- Switch A 173
- Switch B 173
- 12 IP Unicast Routing 175
- Router Interfaces 176
- Populating the Routing Table 177
- Proxy ARP 178
- Relative Route Priorities 179
- Routing Configuration Example 180
- = IP traffic 181
- = NetBIOS traffic 181
- Configuring DHCP/BOOTP Relay 182
- UDP Echo Server 183
- IP Unicast Routing 184
- 13 Interior Gateway Protocols 185
- Overview of RIP 187
- Overview of OSPF 188
- Database Overflow 189
- Opaque LSAs 189
- Backbone Area (Area 0.0.0.0) 190
- Stub Areas 190
- Not-So-Stubby-Areas (NSSA) 190
- Normal Area 191
- Virtual Links 191
- Virtual link 192
- Route Re-Distribution 193
- ASBR ASBR 194
- RIP Configuration Example 196
- Configuring OSPF 197
- Interior Gateway Protocols 198
- OSPF Configuration Example 199
- Displaying OSPF Settings 200
- OSPF LSDB Display 201
- BGP Attributes 204
- BGP Communities 205
- BGP Features 205
- Route Confederations 206
- Route Confederation Example 207
- Route Aggregation 209
- Using the Loopback Interface 210
- BGP Peer Groups 210
- BGP Route Flap Dampening 211
- BGP Route Selection 212
- command 214
- 15 IP Multicast Routing 215
- PIM Overview 216
- IGMP Overview 217
- IGMP Snooping Filters 218
- Configuration Examples 219
- Configuration for IR1 220
- Configuration for ABR1 221
- Appendixes 223
- Downloading a New Image 225
- Saving Configuration Changes 227
- Returning to Factory Defaults 228
- Renaming Configuration Files 229
- Deleting Configuration Files 229
- Accessing the Bootloader 230
- B Troubleshooting 233
- Troubleshooting 234
- Port Configuration 236
- Debug Mode 238
- System Health Check 238
- System Odometer 238
- Standards 241
- Numerics 245
Relacionado con productos y manuales para Software Extreme Networks ExtremeWare Command
(66 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.050 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales